Food maker cooks up simple IT shop

Henry David Thoreau's adage "simplify, simplify" is more than a saying at food giant General Mills; it's a religion.

The axiom applies to almost every aspect of the company's network infrastructure, from applications in the data center to network hardware on factory floors.

"Our philosophy at General Mills is to have one system, one platform, one architecture," says Vandy Johnson, director of IS operations at General Mills Inc. "We try to do things that are both very good and very simple to do."

The US$10 billion company, which has more than 300 sites in 30 countries and employs 27,000 people, operates on just a few main ingredients: Hewlett-Packard Co. server and LAN hardware, SAP AG software and a dash of Cisco Systems Inc. routers.

But the food giant isn't running a vanilla IT operation. Among the technologies being deployed at General Mills are a 802.1X-based infrastructure for wired and wireless security, data center consolidation and a wide-reaching IP multicast infrastructure that regularly puts high-speed video on more than 17,000 desktops.

General Mills keeps things simple by keeping everything the same - even when that involves large-scale rip-and-replace projects. This was the case when the company - which owns the Betty Crocker, Bisquick and Cheerios brands - made a $10 billion acquisition of Pillsbury in 2001.

"Our goal was to replace (Pillsbury's) entire architecture with the General Mills standard," Johnson says. That meant migrating Pillsbury's ERP systems and server platforms - from IBM to Sun and Windows - to SAP. The project also involved taking out Pillsbury's network infrastructure, from the LAN edge to the backbone, and replacing it with General Mills' standard HP infrastructure.

While this project was not inexpensive - Johnson wouldn't talk about costs - the switch is paying off in terms of efficiency. All of Pillsbury's electronic financial and marketing data was converted to General Mills' SAP in 16 months.

"We found that having more environments means more complexity and more costs," he says.

The efficiencies of General Mills' IT philosophy are reflected in its size: its IT staff of 700 is almost half the size of the industry average among $10 billion-plus food companies, according to research from the Grocery Manufacturers of America.

The streamlined infrastructure also shows in the firm's IT budget. On average it spends .5 percent of its total revenue each year on IT, which equates to about $52 million.

This is lower than the average for companies of General Mills' size, according to 2001 research from Gartner. The research firm says large companies - more than $7 billion - spend on average 3.5 percent of their revenue on IT.

General Mills runs only two instances of SAP - a North American instance, and an international version. All international and North American branch offices access SAP over a frame relay WAN connected by Cisco 7500 routers. The company's Minneapolis data center is backed up in real time over a long-reach Fibre Channel SAN.

To simplify its data center, General Mills also consolidated its servers onto two core Superdome clusters for running SAP, and racks of HP blade servers for other applications such as file and print, e-mail and multimedia.

"We are taking advantage of Moore's Law by putting in more-powerful processors every 18 months," Johnson says. This effort has shrunken the space needed for the Minneapolis data center from 12,000 square feet to 6,000 square feet in the past two years.

For LAN switching, General Mills has standardized not only on one vendor, but also one product. HP's ProCurve 5300 modular LAN switch is deployed as the standard Ethernet box throughout General Mills' infrastructure - from the wiring closets to the distribution layer and backbone. General Mills runs 10/100M bit/sec to most desktops, with a backbone of 4G bit/sec, built on trunked Gigabit Ethernet connections. ProCurve 5300 switches even connect the company's manufacturing equipment with IP; this lets General Mills gather real-time data from production floors.

"You won't walk into a closet and find all different types of vendor's gear (with) all different models," Johnson says.

Two features on the ProCurves that General Mills is exploiting are 802.1X security, a LAN authentication technology, and IP multicast, a protocol for widespread streaming multimedia IP applications.

"Multicast is kind of old news," Johnson says, "but we love it."

General Mills has IP multicast enabled across its network to support corporate and training broadcasts. Multicasting across a heterogeneous network can create latency and jitter as streams flow across different types of switches, he says. Having the same switch in all locations helps avoid this problem without running quality of service on its streams.

"802.1X is a phenomenal technology," Johnson says. General Mills plans to deploy the 802.1X standard on its 5300 switches to control end-user access to the network-port level. The 802.1X security will tie users to a specific network port, preventing unauthorized users without network logons from using resources such as printers and Internet access.

Where 802.1X is also playing a big part is in General Mills' wireless plans. It is deploying HP's ProCurve 720 Access Controllers and 520 series wireless access points. The Access Controllers, or wireless LAN switches, centralize management of wireless access points, and use 802.1X to control access to the network. Johnson says this architecture is being evaluated in two locations with several hundred employees, with plans for company-wide deployment over the next few quarters.

Most of the time, switch maintenance is done remotely through HP OpenView's Network Node Manager software. Having the same switch in all locations also makes it easier to get parts sent to General Mills' far-flung locations.

"We're able to manage most networks in India and Australia from right here in Minneapolis," he adds.

While HP might not be on the bleeding edge of switch technology compared with high-end rivals such as Cisco, Extreme Networks Inc. and Foundry Networks Inc., Johnson says this is a non-factor.

"We are much more concerned about network products that work as advertised than having the latest features that we probably wouldn't use anyway," he says.

Many IT industry analysts and experts shun the idea of keeping an entire network tied to one vendor, saying that this practice locks users in and takes away negotiating leverage. Johnson insists this is not the case at General Mills.

"Having a single vendor gives you a lot of nice things," says Bob Halfner director of research at Gartner. But he adds that many IT buyers that become tied to a single vendor, and don't shop around, could be doing their company a disservice.

Johnson doesn't see it that way.

"Why wouldn't you bid IBM vs. HP, or one network vendor against another?" he says. "No matter who wins any bid, you'll have to spend more money to train your staff on those products," he says. "That cost always outweighs the purchase price of any one item."

Johnson says General Mills' tight relationship with HP gives the company a greater voice in terms of technology development. "HP listens to us. That lets us ask for things, and influence how they come to market in some ways."

Blade servers and WLANs are two HP product areas where General Mills has had influence, he says. "Before they ever had a blade server line, we had said this is something we were interested in," he says. "We talked to their engineers and said, 'This is what we're thinking about.'" That discussion resulted in General Mills getting a custom-built, pre-alpha model of HP's current blade offerings.

Johnson says his group also pushed HP for more-robust Wi-Fi products, which the firm started to introduce this year. "We really pushed them on getting wireless management and security integrated into the ProCurves, and we're pretty happy with the results," Johnson says.

Going forward, Johnson says he would like to see better management software integration from HP. "I would like to see one management platform that manages our data center from network to servers," he says.

Copyright 2017 IDG Communications. ABN 14 001 592 650. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.